This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/bf5a64-8aaf-44a8-bace-36850df4e997/1/_ORf1v09kyaEwMW8J_T6YVoQkOA.mft File: _ORf1v09kyaEwMW8J_T6YVoQkOA.mft (raw, json) Hash identifier: 13P7KBgRvjne4GEWwWOHmQCylXplw7APgn7JQ7OMyD8= Subject key identifier: 01:E0:89:49:41:F8:7D:0E:7C:22:73:CF:C9:31:56:B1:F9:51:BC:0B Authority key identifier: FC:E4:5F:D6:FD:3D:93:26:84:C0:C5:BC:27:F4:FA:61:5A:10:90:E0 Certificate issuer: /CN=fce45fd6fd3d932684c0c5bc27f4fa615a1090e0 Certificate serial: 019B48EFE4C89C5DB74953AABA138E70487F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_ORf1v09kyaEwMW8J_T6YVoQkOA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/bf5a64-8aaf-44a8-bace-36850df4e997/1/_ORf1v09kyaEwMW8J_T6YVoQkOA.mft Manifest number: 0E12 Signing time: Tue 23 Dec 2025 02:00:39 +0000 Manifest this update: Tue 23 Dec 2025 02:00:39 +0000 Manifest next update: Wed 24 Dec 2025 02:00:39 +0000 Files and hashes: 1: 0q3J-c3dMCcb0fEi4kT4_OFKaDo.roa (hash: GFF2i9DOD9iNc83o9PQkrJQokdzx6TTVi4lrSIyhIgE=) 2: _ORf1v09kyaEwMW8J_T6YVoQkOA.crl (hash: oD12nPFD/X+1P7euvZ/sSpqmXamZyuTW9E7NRBRBWZs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/bf5a64-8aaf-44a8-bace-36850df4e997/1/_ORf1v09kyaEwMW8J_T6YVoQkOA.crl rsync://rpki.ripe.net/repository/DEFAULT/3b/bf5a64-8aaf-44a8-bace-36850df4e997/1/_ORf1v09kyaEwMW8J_T6YVoQkOA.mft rsync://rpki.ripe.net/repository/DEFAULT/_ORf1v09kyaEwMW8J_T6YVoQkOA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:48:ef:e4:c8:9c:5d:b7:49:53:aa:ba:13:8e:70:48:7f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=fce45fd6fd3d932684c0c5bc27f4fa615a1090e0 Validity Not Before: Dec 23 02:00:39 2025 GMT Not After : Dec 24 02:00:39 2025 GMT Subject: CN=01e0894941f87d0e7c2273cfc93156b1f951bc0b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8d:95:1c:7c:c0:b7:a7:2f:64:a4:36:2c:ac:00: 26:68:f8:ba:99:12:62:b0:c4:24:58:5a:7b:a6:2d: be:59:b2:9f:41:8f:fc:42:be:2a:12:79:da:8e:64: 2d:48:35:2e:9f:17:e8:e1:3a:f3:48:44:5c:e1:30: 82:7f:0a:f9:5d:80:c8:d7:ae:79:b6:3c:3a:9a:c4: 3f:3c:89:41:27:ed:3f:e5:00:21:ff:6b:75:54:48: ab:96:cd:6a:94:1a:4b:b4:50:5d:c0:33:f0:48:30: c0:3a:9e:15:6c:99:9e:ab:a9:3f:7a:47:cd:ee:9a: 0d:fb:e6:82:76:25:94:67:02:65:a4:c2:0a:ff:1f: a8:6d:49:4b:91:96:a0:7c:42:0a:4a:3a:91:e2:3e: c8:0b:2b:cf:e1:b8:d6:c2:84:0b:0b:c7:c0:a4:a7: 0d:66:3e:d1:0f:e7:80:d4:ec:04:80:68:6a:16:27: ca:7c:e3:1d:39:ee:cd:0f:f8:1c:e0:91:38:95:78: 3b:d6:e4:75:46:ed:32:7c:1b:57:38:f9:e2:99:9c: 1f:f2:be:2f:8d:5b:25:f3:80:c7:cb:e5:5d:38:83: 06:c5:fc:4f:2a:fa:6a:ff:62:0f:48:d4:55:08:8c: 6f:2b:4d:7d:f7:38:8b:b8:ac:3f:db:b1:90:4e:11: d5:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:E0:89:49:41:F8:7D:0E:7C:22:73:CF:C9:31:56:B1:F9:51:BC:0B X509v3 Authority Key Identifier: keyid:FC:E4:5F:D6:FD:3D:93:26:84:C0:C5:BC:27:F4:FA:61:5A:10:90:E0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_ORf1v09kyaEwMW8J_T6YVoQkOA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/bf5a64-8aaf-44a8-bace-36850df4e997/1/_ORf1v09kyaEwMW8J_T6YVoQkOA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/bf5a64-8aaf-44a8-bace-36850df4e997/1/_ORf1v09kyaEwMW8J_T6YVoQkOA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 63:48:ca:55:ff:59:78:81:6f:c1:3f:69:d5:9b:54:92:e0:60: 1f:2d:49:83:75:50:15:c6:73:3e:9b:2d:05:69:0e:18:0d:84: 52:30:91:48:c6:ff:30:aa:7a:4b:30:a8:53:4f:65:8a:18:1c: 7b:5f:63:e2:1d:60:a2:e5:b0:1f:38:a2:a7:05:c3:a3:0d:01: 20:80:31:e9:ae:7e:bb:69:82:33:aa:05:49:af:0f:86:30:6b: e9:2b:9b:f5:c1:df:b8:5d:e3:fe:f9:a7:c5:e7:99:9a:3e:6c: c2:66:e8:5d:a3:d6:c0:20:00:04:9f:e7:bf:eb:be:5e:68:78: 1d:07:02:ea:d7:27:35:dd:aa:6a:d4:ce:53:d2:7f:1f:71:4f: 56:73:b3:c0:d5:c4:96:d7:c2:0b:e6:1d:15:11:e7:49:9c:64: 1e:da:a1:7d:c9:a6:da:91:61:d4:55:0d:2e:fd:aa:f0:19:14: bb:60:82:03:25:ef:fe:df:2f:db:69:fc:c0:d9:f9:7e:cb:62: 0e:72:da:3d:09:18:a3:ce:6e:70:b7:c0:5c:5c:78:7e:8a:99: 78:4d:0f:b5:f7:5b:61:59:cf:be:99:77:31:01:8e:e1:26:61: 3b:91:d0:55:66:e3:99:b0:39:25:0a:59:da:57:d2:57:00:68: 37:8d:23:68 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtI7+TInF23SVOquhOOcEh/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZjZTQ1ZmQ2ZmQzZDkzMjY4NGMwYzViYzI3ZjRmYTYxNWEx MDkwZTAwHhcNMjUxMjIzMDIwMDM5WhcNMjUxMjI0MDIwMDM5WjAzMTEwLwYDVQQD EygwMWUwODk0OTQxZjg3ZDBlN2MyMjczY2ZjOTMxNTZiMWY5NTFiYzBiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjZUcfMC3py9kpDYsrAAmaPi6mRJi sMQkWFp7pi2+WbKfQY/8Qr4qEnnajmQtSDUunxfo4TrzSERc4TCCfwr5XYDI1655 tjw6msQ/PIlBJ+0/5QAh/2t1VEirls1qlBpLtFBdwDPwSDDAOp4VbJmeq6k/ekfN 7poN++aCdiWUZwJlpMIK/x+obUlLkZagfEIKSjqR4j7ICyvP4bjWwoQLC8fApKcN Zj7RD+eA1OwEgGhqFifKfOMdOe7ND/gc4JE4lXg71uR1Ru0yfBtXOPnimZwf8r4v jVsl84DHy+VdOIMGxfxPKvpq/2IPSNRVCIxvK0199ziLuKw/27GQThHVIQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAHgiUlB+H0OfCJzz8kxVrH5UbwLMB8GA1UdIwQY MBaAFPzkX9b9PZMmhMDFvCf0+mFaEJDgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvX09SZjF2MDlreWFFd01XOEpfVDZZVm9Ra09BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9iZjVhNjQtOGFhZi00NGE4LWJhY2Ut MzY4NTBkZjRlOTk3LzEvX09SZjF2MDlreWFFd01XOEpfVDZZVm9Ra09BLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYi9iZjVhNjQtOGFhZi00NGE4LWJhY2UtMzY4NTBkZjRlOTk3 LzEvX09SZjF2MDlreWFFd01XOEpfVDZZVm9Ra09BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY0jKVf9Z eIFvwT9p1ZtUkuBgHy1Jg3VQFcZzPpstBWkOGA2EUjCRSMb/MKp6SzCoU09lihgc e19j4h1gouWwHziipwXDow0BIIAx6a5+u2mCM6oFSa8PhjBr6Sub9cHfuF3j/vmn xeeZmj5swmboXaPWwCAABJ/nv+u+Xmh4HQcC6tcnNd2qatTOU9J/H3FPVnOzwNXE ltfCC+YdFRHnSZxkHtqhfcmm2pFh1FUNLv2q8BkUu2CCAyXv/t8v22n8wNn5fsti DnLaPQkYo85ucLfAXFx4foqZeE0PtfdbYVnPvpl3MQGO4SZhO5HQVWbjmbA5JQpZ 2lfSVwBoN40jaA== -----END CERTIFICATE-----Generated at Tue Dec 23 09:55:34 2025 by rpki-client